<?php

define('ACC',true);

require('../includes/init.php');

if(isset($_GET['act']) && $_GET['act'] == 'exit'){
	$_SESSION = array();
	session_destroy();
	header("Location: index.php");
}

$login = new LoginModel();

if(isset($_POST['username'])){
	$username = $_POST['username'];
}else{
	$username = '';
}

if(isset($_POST['password'])){
	$password = $_POST['password'];
}else{
	$password = '';
}

if(isset($_POST['chknumber'])){
	$chknumber = $_POST['chknumber'];
}else{
	$chknumber = '';
}

if($chknumber = ''){

	if($username != ''){
		$smarty->assign('username', $username);
	}
	if($password != ''){
		$smarty->assign('password', $password);
	}
	$smarty->assign('cue', '<font color="red">请输入验证码！</font>');
	$smarty->display('./admin/login.html');
	exit;
	
}else if(!isset($_SESSION['image_str']) || strtolower($_POST['chknumber']) != strtolower($_SESSION['image_str'])){
	
	if($username != ''){
		$smarty->assign('username', $username);
	}
	if($password != ''){
		$smarty->assign('password', $password);
	}

	$smarty->assign('cue', '<font color="red">验证码错误！</font>');
	$smarty->display('./admin/login.html');
	exit;
	
}else if($username != ''){
	if($password == ''){
		$smarty->assign('cue', '<font color="red">密码不能为空</font>');
		$smarty->display('./admin/login.html');
		exit;
	}

	if(($row = $login->check_user($username)) == false){

		$smarty->assign('cue', '<font color="red">用户名或密码错误！</font>');
		$smarty->display('./admin/login.html');
		exit;
	}else if($row['password'] != md5($password)){

		$smarty->assign('cue', '<font color="red">用户名或密码错误！</font>');
		$smarty->display('./admin/login.html');
		exit;
	}else{
		$data['last_login'] = time();
		$role_id = $login->get_role_id($username);

		$row = $login->get_auth_list($role_id);
		$auth_list = $row['auth_list'];
		
		if($login->login_time($data, $username) !=false && $role_id !=0 && $auth_list !=''){
			$_SESSION['admin_username'] = $username;
			$_SESSION['role_id'] = $role_id;
			$_SESSION['auth_list'] = $row['auth_list'];
		

			header("Location: index.php");
		}else{
			$smarty->assign('cue', '<font color="red">您的账户信息出现异常！</font>');
			$smarty->display('./admin/login.html');
			exit;
		}
	}
	
}else{
	if($password == ''){
		$smarty->assign('cue', '<font color="red">用户名和密码不能为空！</font>');
		$smarty->display('./admin/login.html');
		exit;
	}else{
		$smarty->assign('cue', '<font color="red">用户名不能为空！</font>');
		$smarty->display('./admin/login.html');
		exit;
	}
}



?>